﻿using System;
using System.Collections.Generic;

using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using ChapterX.BusinessFacade;
using ChapterX.Common;
using ChapterX.Data;

namespace ChapterX
{
    public partial class Default : ChapterX.Model.PageBase
    {
        private const String DEFAULT_PAGE = "~/Auth/Default.aspx";
        private const String QUERY_KEY_RETURN_URL = "ReturnUrl";
        private bool login_to_default_page_next_time = false;

        protected void Page_Load(object sender, EventArgs e)
        {
            // Check if we come here for some reason.
            String returnUrl = Request.QueryString[QUERY_KEY_RETURN_URL];
            if (!String.IsNullOrEmpty(returnUrl))
            {
                if (User.Identity.IsAuthenticated)
                {
                    SetErrorMessage("提示：您没有足够的权限来执行刚才的操作。");
                    login_to_default_page_next_time = true;
                }
                else
                {
                    SetErrorMessage("提示：您尚未登录，或者会话已经过期。");
                }
            }
            else
            {
                if (User.Identity.IsAuthenticated)
                {
                    Response.Redirect(DEFAULT_PAGE);
                }
                else
                {
                    SetInfoMessage("提示：请输入您的用户名和密码进行登录。");
                }
            }
        }

        protected void LoginLibrarian_Click(object sender, EventArgs e)
        {
            Login(UsernameLibrarian.Text, PasswordLibrarian.Text);
        }

        protected void LoginTeacher_Click(object sender, EventArgs e)
        {
            Login(UsernameTeacher.Text, PasswordTeacher.Text);
        }

        protected void LoginStudent_Click(object sender, EventArgs e)
        {
            Login(UsernameStudent.Text, PasswordStudent.Text);
        }

        protected void Login(String username, String password)
        {
            String message = null;
            do
            {
                // Do some checking first
                if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(password))
                {
                    message = "提示：请同时提供您的用户名和密码。";
                    break;
                }

                UserSystem us = new UserSystem();

                if (!us.Exists(username))
                {
                    message = "提示：您输入的用户名不存在。";
                    break;
                }

                if (!us.VerifyPassword(username, password))
                {
                    message = "提示：您输入的用户名和密码不匹配。";
                    break;
                }

                // Login
                UsersDS.UsersRow user = us.GetUserByUsername(username);
                AuthManager.UserLogin(username, user.Roles);

                // Update user
                us.UserLogin(username, Request.UserHostAddress);

                // Redirect
                String redirectUrl;
                if (login_to_default_page_next_time)
                {
                    redirectUrl = DEFAULT_PAGE;
                    login_to_default_page_next_time = false;
                }
                else
                {
                    redirectUrl = Request.QueryString[QUERY_KEY_RETURN_URL];
                    if (String.IsNullOrEmpty(redirectUrl))
                    {
                        redirectUrl = DEFAULT_PAGE;
                    }
                }
                Response.Redirect(redirectUrl);
            }
            while (false);

            SetErrorMessage(message);
        }
    }
}
